Astra Linux - уязвимость в chromium

Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page...

Astra Linux - уязвимость в firefox

Information disclosure, and bypass of mitigation mechanisms in the Settings UI component. This vulnerability was fixed in Firefox 148 and Thunderbird 148...

EUVD-2007-5677

Malware in sbrugna...

EUVD-2018-8528

Malware in sbrugna...

CVE-2024-27734

A Cross Site Scripting vulnerability in CSZ CMS v.1.3.0 allows an attacker to execute arbitrary code via a crafted script to the Site Name fields of the Site Settings component...

CVE-2024-32211

An issue in LOGINT LoMag Inventory Management v1.0.20.120 and before allows a local attacker to obtain sensitive information via the UserClass.cs and Settings.cs components...

CVE-2025-29450

An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via the site settings component...

CVE-2025-29450

An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via the site settings component...

PT-2025-17232 · Twonav · Twonav

Name of the Vulnerable Software and Affected Versions: twonav version 2.1.18-20241105 Description: The issue allows a remote attacker to obtain sensitive information via the site settings component. Recommendations: For twonav version 2.1.18-20241105, consider restricting access to the site...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Feb-2025 Release 1, which stems from an improperly exported Android application componen...

Buffalo LS210D < 1.82 Multiple Vulnerabilities

Buffalo LS210D is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:buffalo:ls210dfirmware"; if...

CVE-2024-32211

An issue in LOGINT LoMag Inventory Management v1.0.20.120 and before allows a local attacker to obtain sensitive information via the UserClass.cs and Settings.cs components...

LOGINT LoMag Inventory Management 安全漏洞

LOGINT LoMag Inventory Management is an inventory management system from LOGINT. A security vulnerability exists in LOGINT LoMag Inventory Management v1.0.20.120 and earlier versions, which stems from a vulnerability that could allow a local attacker to obtain sensitive information via the...

JetBrains TeamCity Cross-Site Scripting Vulnerability

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A cross-site scripting vulnerability exists in...

CVE-2023-51800

Cross Site Scripting XSS vulnerability in School Fees Management System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the mainsettings component in the phone, address, bank, accname, accnumber parameters, newclass and cname parameter, addnewparent function in t...

CVE-2023-46504

Cross Site Scripting XSS vulnerability in PwnCYN YXBOOKCMS v.1.0.2 allows a physically proximate attacker to execute arbitrary code via the library name function in the general settings component...

CVE-2023-46504

Cross Site Scripting XSS vulnerability in PwnCYN YXBOOKCMS v.1.0.2 allows a physically proximate attacker to execute arbitrary code via the library name function in the general settings component...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR May-2023 Release 1 prior to version 1, which stems from a call to ImagePreviewActivity in...

CVE-2022-38814

A stored cross-site scripting XSS vulnerability in the authsettings component of FiberHome AN5506-02-B vRP2521 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the sncfgloid text field...

CVE-2019-19670

CVE-2019-19670 affects the Web Settings component of the Web File Manager in Rumpus FTP Server 8.2.9.1. The issue is an HTTP Response Splitting vulnerability that can enable stored XSS and defacement through crafted headers sent to RAPR/WebSettingsGeneralSet.html. Multiple connected sources corro...